
Commit 4b552fc

committed
Fix missing offline mapping for jsf-0.82.schema.json
Schema validation currently fails if the validator is unable to fetch the JSF schema from `http://cyclonedx.org/schema/jsf-0.82.schema.json`. Signed-off-by: nscuro <[email protected]>
1 parent 37f4cff commit 4b552fc


2 files changed

+242
-0
lines changed


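--- a/src/main/java/org/cyclonedx/CycloneDxSchema.java
+++ b/src/main/java/org/cyclonedx/CycloneDxSchema.java
@@ -92,6 +92,8 @@ public JsonSchema getJsonSchema(Version schemaVersion, final ObjectMapper mapper
 final Map<String, String> offlineMappings = new HashMap<>();
 offlineMappings.put("http://cyclonedx.org/schema/spdx.schema.json",
 getClass().getClassLoader().getResource("spdx.schema.json").toExternalForm());
+offlineMappings.put("http://cyclonedx.org/schema/jsf-0.82.schema.json",
+getClass().getClassLoader().getResource("jsf-0.82.schema.json").toExternalForm());
 offlineMappings.put("http://cyclonedx.org/schema/bom-1.2.schema.json",
 getClass().getClassLoader().getResource("bom-1.2-strict.schema.json").toExternalForm());
 offlineMappings.put("http://cyclonedx.org/schema/bom-1.3.schema.json",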
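Review bot: The added mapping dereferences `getResource("jsf-0.82.schema.json")` without a null check, so if the resource is ever missing from the packaged artifact the failure is a bare NullPointerException that does not name the schema; the neighbouring spdx and bom mappings in this hunk follow the same pattern. Wrapping the lookup, e.g. `Objects.requireNonNull(getClass().getClassLoader().getResource("jsf-0.82.schema.json"), "jsf-0.82.schema.json not on classpath")`, would make the cause explicit. The commit description says validation fails when the schema cannot be fetched, which suggests any unmapped reference is resolved over the network via plain `http://`, where the response has no integrity protection. A comment above the block such as `// Every external $ref must map to a bundled copy; unmapped URIs are fetched over cleartext HTTP during validation.` plus a test that validates a BOM with network access disabled would keep the next schema addition from silently reintroducing the remote fetch. getJsonSchema's body starts and ends outside the hunk.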
Lines changed: 240 additions & 0 deletions
@@ -0,0 +1,240 @@
1+
{
2+
"$schema": "http://json-schema.org/draft-07/schema#",
3+
"$id": "http://cyclonedx.org/schema/jsf-0.82.schema.json",
4+
"type": "object",
5+
"title": "JSON Signature Format (JSF) standard",
6+
"$comment" : "JSON Signature Format schema is published under the terms of the Apache License 2.0. JSF was developed by Anders Rundgren ([email protected]) as a part of the OpenKeyStore project. This schema supports the entirely of the JSF standard excluding 'extensions'.",
7+
"definitions": {
8+
"signature": {
9+
"type": "object",
10+
"title": "Signature",
11+
"oneOf": [
12+
{
13+
"additionalProperties": false,
14+
"properties": {
15+
"signers": {
16+
"type": "array",
17+
"title": "Signature",
18+
"description": "Unique top level property for Multiple Signatures. (multisignature)",
19+
"items": {"$ref": "#/definitions/signer"}
20+
}
21+
}
22+
},
23+
{
24+
"additionalProperties": false,
25+
"properties": {
26+
"chain": {
27+
"type": "array",
28+
"title": "Signature",
29+
"description": "Unique top level property for Signature Chains. (signaturechain)",
30+
"items": {"$ref": "#/definitions/signer"}
31+
}
32+
}
33+
},
34+
{
35+
"title": "Signature",
36+
"description": "Unique top level property for simple signatures. (signaturecore)",
37+
"$ref": "#/definitions/signer"
38+
}
39+
]
40+
},
41+
"signer": {
42+
"type": "object",
43+
"title": "Signature",
44+
"required": [
45+
"algorithm",
46+
"value"
47+
],
48+
"additionalProperties": false,
49+
"properties": {
50+
"algorithm": {
51+
"oneOf": [
52+
{
53+
"type": "string",
54+
"title": "Algorithm",
55+
"description": "Signature algorithm. The currently recognized JWA [RFC7518] and RFC8037 [RFC8037] asymmetric key algorithms. Note: Unlike RFC8037 [RFC8037] JSF requires explicit Ed* algorithm names instead of \"EdDSA\".",
56+
"enum": [
57+
"RS256",
58+
"RS384",
59+
"RS512",
60+
"PS256",
61+
"PS384",
62+
"PS512",
63+
"ES256",
64+
"ES384",
65+
"ES512",
66+
"Ed25519",
67+
"Ed448",
68+
"HS256",
69+
"HS384",
70+
"HS512"
71+
]
72+
},
73+
{
74+
"type": "string",
75+
"title": "Algorithm",
76+
"description": "Signature algorithm. Note: If proprietary signature algorithms are added, they must be expressed as URIs.",
77+
"format": "uri"
78+
}
79+
]
80+
},
81+
"keyId": {
82+
"type": "string",
83+
"title": "Key ID",
84+
"description": "Optional. Application specific string identifying the signature key."
85+
},
86+
"publicKey": {
87+
"title": "Public key",
88+
"description": "Optional. Public key object.",
89+
"$ref": "#/definitions/publicKey"
90+
},
91+
"certificatePath": {
92+
"type": "array",
93+
"title": "Certificate path",
94+
"description": "Optional. Sorted array of X.509 [RFC5280] certificates, where the first element must contain the signature certificate. The certificate path must be contiguous but is not required to be complete.",
95+
"items": {
96+
"type": "string"
97+
}
98+
},
99+
"excludes": {
100+
"type": "array",
101+
"title": "Excludes",
102+
"description": "Optional. Array holding the names of one or more application level properties that must be excluded from the signature process. Note that the \"excludes\" property itself, must also be excluded from the signature process. Since both the \"excludes\" property and the associated data it points to are unsigned, a conforming JSF implementation must provide options for specifying which properties to accept.",
103+
"items": {
104+
"type": "string"
105+
}
106+
},
107+
"value": {
108+
"type": "string",
109+
"title": "Signature",
110+
"description": "The signature data. Note that the binary representation must follow the JWA [RFC7518] specifications."
111+
}
112+
}
113+
},
114+
"keyType": {
115+
"type": "string",
116+
"title": "Key type",
117+
"description": "Key type indicator.",
118+
"enum": [
119+
"EC",
120+
"OKP",
121+
"RSA"
122+
]
123+
},
124+
"publicKey": {
125+
"title": "Public key",
126+
"description": "Optional. Public key object.",
127+
"type": "object",
128+
"required": [
129+
"kty"
130+
],
131+
"additionalProperties": true,
132+
"properties": {
133+
"kty": {
134+
"$ref": "#/definitions/keyType"
135+
}
136+
},
137+
"allOf": [
138+
{
139+
"if": {
140+
"properties": { "kty": { "const": "EC" } }
141+
},
142+
"then": {
143+
"required": [
144+
"kty",
145+
"crv",
146+
"x",
147+
"y"
148+
],
149+
"additionalProperties": false,
150+
"properties": {
151+
"kty": {
152+
"$ref": "#/definitions/keyType"
153+
},
154+
"crv": {
155+
"type": "string",
156+
"title": "Curve name",
157+
"description": "EC curve name.",
158+
"enum": [
159+
"P-256",
160+
"P-384",
161+
"P-521"
162+
]
163+
},
164+
"x": {
165+
"type": "string",
166+
"title": "Coordinate",
167+
"description": "EC curve point X. The length of this field must be the full size of a coordinate for the curve specified in the \"crv\" parameter. For example, if the value of \"crv\" is \"P-521\", the decoded argument must be 66 bytes."
168+
},
169+
"y": {
170+
"type": "string",
171+
"title": "Coordinate",
172+
"description": "EC curve point Y. The length of this field must be the full size of a coordinate for the curve specified in the \"crv\" parameter. For example, if the value of \"crv\" is \"P-256\", the decoded argument must be 32 bytes."
173+
}
174+
}
175+
}
176+
},
177+
{
178+
"if": {
179+
"properties": { "kty": { "const": "OKP" } }
180+
},
181+
"then": {
182+
"required": [
183+
"kty",
184+
"crv",
185+
"x"
186+
],
187+
"additionalProperties": false,
188+
"properties": {
189+
"kty": {
190+
"$ref": "#/definitions/keyType"
191+
},
192+
"crv": {
193+
"type": "string",
194+
"title": "Curve name",
195+
"description": "EdDSA curve name.",
196+
"enum": [
197+
"Ed25519",
198+
"Ed448"
199+
]
200+
},
201+
"x": {
202+
"type": "string",
203+
"title": "Coordinate",
204+
"description": "EdDSA curve point X. The length of this field must be the full size of a coordinate for the curve specified in the \"crv\" parameter. For example, if the value of \"crv\" is \"Ed25519\", the decoded argument must be 32 bytes."
205+
}
206+
}
207+
}
208+
},
209+
{
210+
"if": {
211+
"properties": { "kty": { "const": "RSA" } }
212+
},
213+
"then": {
214+
"required": [
215+
"kty",
216+
"n",
217+
"e"
218+
],
219+
"additionalProperties": false,
220+
"properties": {
221+
"kty": {
222+
"$ref": "#/definitions/keyType"
223+
},
224+
"n": {
225+
"type": "string",
226+
"title": "Modulus",
227+
"description": "RSA modulus."
228+
},
229+
"e": {
230+
"type": "string",
231+
"title": "Exponent",
232+
"description": "RSA exponent."
233+
}
234+
}
235+
}
236+
}
237+
]
238+
}
239+
}
240+
}
